Posts Tagged ‘2010’

Black Hat USA 2010: Hacking Browser’s DOM: Exploiting Ajax and RIA 5/6

Speaker: Shreeraj Shah

Web 2.0 applications use dynamic DOM manipulation extensively to present JSON or XML streams in the browser. These DOM calls, mixed with the XMLHttpRequest (XHR) object, are part of client-side logic written in JavaScript or in any other client-side technology, be it Flash or Silverlight. DOM-driven XSS is a sleeping giant in application code, and it can be exploited by an attacker to gain access to the end user’s browser/desktop. It can become the root cause of the following set of interesting vulnerabilities — Cross Widget Sniffing, RSS feed reader exploitation, XHR response stealing, Mashup hacking, malicious code injection, worm spreading, etc. This set of vulnerabilities needs an innovative way of scanning the application, and the corresponding methodology needs to be tweaked. We have seen DOM-driven XSS exploited in various popular portals to spread worms or viruses. This is a significant threat on the rise and should be mitigated by validating untrusted content before it poisons Ajax or Flash routines. DOM-driven XSS, Cross Domain Bypass and CSRF together make a deadly cocktail for exploiting Web 2.0 applications across the Internet. This presentation will cover the following important issues and concepts:

* Web 2.0 Architecture and DOM manipulation points
* JavaScript exploits by leveraging DOM
* Cross Domain Bypass and Hacks
* DOM hacking for controlling Widgets and Mashups
* Exploiting Ajax routines to gain feed readers
* Scanning and detecting DOM
Video Rating: 5 / 5

Black Hat USA 2010: Mastering the Nmap Scripting Engine 3/5

Speakers: Fyodor, David Fifield

Most security practitioners can use Nmap for simple port scanning and OS detection, but the Nmap Scripting Engine (NSE) takes scanning to a whole new level. Nmap’s high-speed networking engine can now spider web sites for SQL injection vulnerabilities, brute-force crack and query MSRPC services, find open proxies, and more. Nmap includes more than 125 NSE scripts for network discovery, vulnerability detection, exploitation, and authentication cracking. Rather than give a dry overview of NSE, Fyodor and Nmap co-maintainer David Fifield demonstrate practical solutions to common problems. They have scanned millions of hosts with NSE and will discuss vulnerabilities found on enterprise networks and how Nmap can be used to quickly detect those problems on your own systems. Then they demonstrate how easy it is to write custom NSE scripts to meet the needs of your network. Finally, they take a quick look at recent Nmap developments and provide a preview of what is soon to come. This presentation does not require any NSE experience, but it wouldn’t hurt to read nmap.org/book/nse.html. For more information click here (bit.ly
Video Rating: 5 / 5

Black Hat USA 2010: Exploiting the Forest with Trees 3/5

Speakers: Meredith L. Patterson, Len Sassaman One of the most difficult aspects of securing a protocol implementation is simply bounding the scope of the attack surface: how do you tell where attacks are likely to crop up? Historically, variations between implementations have led to some of the most successful attack techniques — from simple TCP “Christmas tree” packets to last year’s multiple break of the X.509 certificate authority system (by these speakers). But without access to all the relevant source code, how can developers identify potential sources of exploitable variations in behavior? In this presentation, we go beyond the accumulated wisdom of “best practices” and demonstrate a quantitative technique for minimizing inconsistent behavior between implementations. We will also show how this technique can be used from an attacker’s perspective. Last year we showed you how to break X.509; this year, we will show you how we found those vulnerabilities and how the same techniques can be used to discover multiple novel 0-days in any vulnerable protocol implementation. For more information click here (bit.ly

Blackhat 2010 Attacking Phone Privacy Karsten Nohl Part

CodenomiCON 2010 – Charlie Miller – part #1 – An Analysis of Fuzzing 4 Products with five lines…

Charlie Miller from Independent Security Evaluators presenting “Babysitting an Army of Monkeys: An analysis of fuzzing 4 products with 5 lines of Python” at CodenomiCON 2010 in Las Vegas. CodenomiCON is a yearly event hosted by Codenomicon where leading industry experts gather to discuss fuzzing, software robustness and the current state of the industry. The goal is to bring experts together to share and develop ideas in the fields of fuzzing, software security, quality assurance (QA), robustness, reliability and cyber defense. CodenomiCON 2010 was held at the Bellagio hotel in Las Vegas during the Black Hat and DEFCON conferences. Codenomicon develops test automation software that can be used to quickly identify security flaws in communication products and services. Its unique, model-based fuzzing technique exposes more weaknesses than any other fuzzing platform. Codenomicon is a spin-off of the widely acclaimed PROTOS project and has 10+ years of experience in proactive security testing. Thousands of software developers, testers and security auditors in different industries around the world rely on Codenomicon Defensics to mitigate threats. For companies interested in integrating fuzzing into the SDL, Codenomicon provides off-the-shelf tools for all standard or proprietary protocols. Codenomicon also offers an extensive range of services related to product security. Full auditing services are available for all types of communication software.

STING – King Of Pain (Barcelona 2010)

Barcelona October 2010

Black Hat DC 2010: Exploiting Lawful Intercept to Wiretap the Internet 6/6

Clip 6/6

Speaker: Tom Cross

Many governments require telecommunications companies to provide interfaces that law enforcement can use to monitor their customers’ communications. If these interfaces are poorly designed, implemented, or managed, they can provide a backdoor for attackers to perform surveillance without lawful authorization. Most lawful intercept technology is proprietary and difficult to peer review. Fortunately, Cisco has published the core architecture of its lawful intercept technology in an Internet Draft and a number of public configuration guides. This talk will review Cisco’s architecture for lawful intercept from a security perspective. The talk will explain how a number of different weaknesses in its design, coupled with publicly disclosed security vulnerabilities, could enable a malicious person to access the interface and spy on communications without leaving a trace. The talk will explain what steps network operators need to take to protect this interface. The talk will also provide a set of recommendations for the redesign of the interface, as well as for SNMP authentication in general, to better mitigate the security risks. For more information go to the BlackHat 2010 DC archive bit.ly

Jeff’s Cash from Just February 2010 On the Hood of His ’68 Corvair Monza. Affiliate marketing.

If you want to get PAST all the crap out there and make some real cash NOW… I can help you, and I WILL help you. Join my team now: vendor-lock.com
Video Rating: 5 / 5

Blackhat 2010 Malware Freak Show 2010 Nicholas J Percoco Jibran Ilyas Part

Video Rating: 0 / 5

Black Hat USA 2010: Black Ops of Fundamental Defense: Web Edition 3/6

Speaker: Dan Kaminsky

Let’s be honest: year in, year out, we keep finding the same bugs in the same places, and wondering: Why don’t they learn? Why don’t developers use these beautiful tools we provide them — parameterized queries, XSRF tokens, X.509 certificates, and escapes in all their glorious forms? I will tell you: it is because these tools are not very good. And they are not very good because their quality simply has not mattered. Security demands, devs implement, and if devs don’t implement, security complains. And six months later, it’s the same bugs, in the same places, by the same devs. It doesn’t have to be this way. In this talk, I will discuss the theory that most classes of security flaws are actually symptoms of deeper causes. Furthermore, I will present attempts at addressing these causes. Specific areas of investigation will include potential answers to the following questions:

1) Why can’t we keep code and data separate?
2) Why can’t we log into web sites?
3) Why can’t we authenticate across organizational boundaries?

By answers, I mean code, and by code, I mean _a lot_ of code. I will not provide any assurances that the code is secure — only extended peer review can do that — but I want to show another way of doing things. This talk is going to be packed with live demos. For more information click here (bit.ly
Video Rating: 0 / 5